[CentOS] VPN suggestions centos 6, 7

Tue Apr 5 15:52:12 UTC 2016
Dennis Jacobfeuerborn <dennisml at conversis.de>

How is IPSec "not recommended solution nowdays"?

I tend to use IPSec for site-to-site connections i.e. the ones that run
24/7 and only require two experienced people to set up (the admins at
both endpoints).
For host-to-site setups I prefer OpenVPN since explaining to endusers
how to set up an ipsec connection is neigh impossible whereas with
OpenVPN I can simply tell them to install the software and then unzip an
archive into a directory and they are done.

Regards,
  Dennis

On 05.04.2016 09:07, Eero Volotinen wrote:
> IPSec is not recommended solution nowdays. OpenVPN runs top of single udp
> or tcp port, so it usually works on strictly firewalled places like in
> hotels and so on.
> 
> --
> Eero
> 
> 2016-04-04 23:18 GMT+03:00 Gordon Messmer <gordon.messmer at gmail.com>:
> 
>> On 04/04/2016 10:57 AM, david wrote:
>>
>>> I have seen discussions of OpenVPN, OpenSwan, LibreVPN, StrongSwan (and
>>> probably others I haven't noted).  I'd be interested in hearing from anyone
>>> who wishes to comment about which to use, with the following requirements:
>>>
>>
>> I recommend l2tp/ipsec.  It's supported out of the box on a wide variety
>> of client platforms, which means significantly less work to set up the
>> clients.
>>
>> OpenVPN is a popular choice, and it's fine for most people.  It's more
>> work to set up than l2tp/ipsec, typically.  We used it for quite a while at
>> my previous employer, though ultimately dropped it because the Windows GUI
>> requires admin rights to run, and we didn't want to continue giving admin
>> rights to the users we supported.
>>
>> _______________________________________________
>> CentOS mailing list
>> CentOS at centos.org
>> https://lists.centos.org/mailman/listinfo/centos
>>
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> https://lists.centos.org/mailman/listinfo/centos
>